<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-rng/Documentation/crypto, branch master</title>
<subtitle>Development tree for the kernel CSPRNG</subtitle>
<id>https://git.zx2c4.com/linux-rng/atom/Documentation/crypto?h=master</id>
<link rel='self' href='https://git.zx2c4.com/linux-rng/atom/Documentation/crypto?h=master'/>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/'/>
<updated>2025-11-11T19:07:36Z</updated>
<entry>
<title>lib/crypto: tests: Add SHA3 kunit tests</title>
<updated>2025-11-11T19:07:36Z</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2025-10-26T05:50:22Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=15c64c47e48472875c2b85838581843f05057787'/>
<id>urn:sha1:15c64c47e48472875c2b85838581843f05057787</id>
<content type='text'>
Add a SHA3 kunit test suite, providing the following:

 (*) A simple test of each of SHA3-224, SHA3-256, SHA3-384, SHA3-512,
     SHAKE128 and SHAKE256.

 (*) NIST 0- and 1600-bit test vectors for SHAKE128 and SHAKE256.

 (*) Output tiling (multiple squeezing) tests for SHAKE256.

 (*) Standard hash template test for SHA3-256.  To make this possible,
     gen-hash-testvecs.py is modified to support sha3-256.

 (*) Standard benchmark test for SHA3-256.

[EB: dropped some unnecessary changes to gen-hash-testvecs.py, moved
     addition of Testing section in doc file into this commit, and
     other small cleanups]

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Reviewed-by: Ard Biesheuvel &lt;ardb@kernel.org&gt;
Tested-by: Harald Freudenberger &lt;freude@linux.ibm.com&gt;
Link: https://lore.kernel.org/r/20251026055032.1413733-6-ebiggers@kernel.org
Signed-off-by: Eric Biggers &lt;ebiggers@kernel.org&gt;
</content>
</entry>
<entry>
<title>lib/crypto: sha3: Add SHA-3 support</title>
<updated>2025-11-06T04:02:32Z</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2025-10-26T05:50:20Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=0593447248044ab609b43b947d0e198c887ac281'/>
<id>urn:sha1:0593447248044ab609b43b947d0e198c887ac281</id>
<content type='text'>
Add SHA-3 support to lib/crypto/.  All six algorithms in the SHA-3
family are supported: four digests (SHA3-224, SHA3-256, SHA3-384, and
SHA3-512) and two extendable-output functions (SHAKE128 and SHAKE256).

The SHAKE algorithms will be required for ML-DSA.

[EB: simplified the API to use fewer types and functions, fixed bug that
     sometimes caused incorrect SHAKE output, cleaned up the
     documentation, dropped an ad-hoc test that was inconsistent with
     the rest of lib/crypto/, and many other cleanups]

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Co-developed-by: Eric Biggers &lt;ebiggers@kernel.org&gt;
Tested-by: Harald Freudenberger &lt;freude@linux.ibm.com&gt;
Reviewed-by: Ard Biesheuvel &lt;ardb@kernel.org&gt;
Link: https://lore.kernel.org/r/20251026055032.1413733-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers &lt;ebiggers@kernel.org&gt;
</content>
</entry>
<entry>
<title>crypto: doc - Add explicit title heading to API docs</title>
<updated>2025-09-28T03:54:48Z</updated>
<author>
<name>Bagas Sanjaya</name>
<email>bagasdotme@gmail.com</email>
</author>
<published>2025-09-20T00:16:51Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=298ced6c3b3c116987554364998e9d8cb94e0126'/>
<id>urn:sha1:298ced6c3b3c116987554364998e9d8cb94e0126</id>
<content type='text'>
Documentation for crypto programming interfaces lack explicit title.
As such, all its sections become entries in the toctree index.

Add the title heading to tidy up toctree.

Signed-off-by: Bagas Sanjaya &lt;bagasdotme@gmail.com&gt;
Reviewed-by: Randy Dunlap &lt;rdunlap@infradead.org&gt;
Tested-by: Randy Dunlap &lt;rdunlap@infradead.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: engine - remove {prepare,unprepare}_crypt_hardware callbacks</title>
<updated>2025-07-18T10:52:00Z</updated>
<author>
<name>Ovidiu Panait</name>
<email>ovidiu.panait.oss@gmail.com</email>
</author>
<published>2025-07-11T18:29:32Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=5eb32430df783e212ffed8d35cc494a8941cda0a'/>
<id>urn:sha1:5eb32430df783e212ffed8d35cc494a8941cda0a</id>
<content type='text'>
The {prepare,unprepare}_crypt_hardware callbacks were added back in 2016
by commit 735d37b5424b ("crypto: engine - Introduce the block request
crypto engine framework"), but they were never implemented by any driver.
Remove them as they are unused.

Since the 'engine-&gt;idling' and 'was_busy' flags are no longer needed,
remove them as well.

Signed-off-by: Ovidiu Panait &lt;ovidiu.panait.oss@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: remove obsolete 'comp' compression API</title>
<updated>2025-03-21T09:39:06Z</updated>
<author>
<name>Ard Biesheuvel</name>
<email>ardb@kernel.org</email>
</author>
<published>2025-03-16T01:21:27Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=fce8b8d5986b76a4fdd062e3eec1bb6420fee6c5'/>
<id>urn:sha1:fce8b8d5986b76a4fdd062e3eec1bb6420fee6c5</id>
<content type='text'>
The 'comp' compression API has been superseded by the acomp API, which
is a bit more cumbersome to use, but ultimately more flexible when it
comes to hardware implementations.

Now that all the users and implementations have been removed, let's
remove the core plumbing of the 'comp' API as well.

Signed-off-by: Ard Biesheuvel &lt;ardb@kernel.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto/krb5: Add API Documentation</title>
<updated>2025-03-02T21:39:03Z</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2023-04-14T10:35:12Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=903be6989032267550450bbb9132225e12f61312'/>
<id>urn:sha1:903be6989032267550450bbb9132225e12f61312</id>
<content type='text'>
Add API documentation for the kerberos crypto library.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
</entry>
<entry>
<title>crypto: doc - Fix akcipher title reference</title>
<updated>2024-10-10T09:08:02Z</updated>
<author>
<name>Lukas Wunner</name>
<email>lukas@wunner.de</email>
</author>
<published>2024-10-08T09:12:01Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=5c20772738e1d1d7bec41664eb9d61497e53c10e'/>
<id>urn:sha1:5c20772738e1d1d7bec41664eb9d61497e53c10e</id>
<content type='text'>
Stephen reports a documentation build warning for "make htmldocs"
introduced by recent commit 6b34562f0cfe ("crypto: akcipher - Drop
sign/verify operations").

The commit renamed a paragraph title in a header file, but neglected to
amend the title reference in the API documentation.  Fix it.

Fixes: 6b34562f0cfe ("crypto: akcipher - Drop sign/verify operations")
Reported-by: Stephen Rothwell &lt;sfr@canb.auug.org.au&gt;
Closes: https://lore.kernel.org/all/20241008172926.0b995ea7@canb.auug.org.au/
Signed-off-by: Lukas Wunner &lt;lukas@wunner.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: ecdsa - Move X9.62 signature size calculation into template</title>
<updated>2024-10-05T05:22:04Z</updated>
<author>
<name>Lukas Wunner</name>
<email>lukas@wunner.de</email>
</author>
<published>2024-09-10T14:30:27Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=a2471684dae23a676b4badea306140d24e6507f5'/>
<id>urn:sha1:a2471684dae23a676b4badea306140d24e6507f5</id>
<content type='text'>
software_key_query() returns the maximum signature and digest size for a
given key to user space.  When it only supported RSA keys, calculating
those sizes was trivial as they were always equivalent to the key size.

However when ECDSA was added, the function grew somewhat complicated
calculations which take the ASN.1 encoding and curve into account.
This doesn't scale well and adjusting the calculations is easily
forgotten when adding support for new encodings or curves.  In fact,
when NIST P521 support was recently added, the function was initially
not amended:

https://lore.kernel.org/all/b749d5ee-c3b8-4cbd-b252-7773e4536e07@linux.ibm.com/

Introduce a -&gt;max_size() callback to struct sig_alg and take advantage
of it to move the signature size calculations to ecdsa-x962.c.

Introduce a -&gt;digest_size() callback to struct sig_alg and move the
maximum ECDSA digest size to ecdsa.c.  It is common across ecdsa-x962.c
and the upcoming ecdsa-p1363.c and thus inherited by both of them.

For all other algorithms, continue using the key size as maximum
signature and digest size.

Signed-off-by: Lukas Wunner &lt;lukas@wunner.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: sig - Rename crypto_sig_maxsize() to crypto_sig_keysize()</title>
<updated>2024-10-05T05:22:04Z</updated>
<author>
<name>Lukas Wunner</name>
<email>lukas@wunner.de</email>
</author>
<published>2024-09-10T14:30:26Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=221f00418e726237dbe38ba627ce08b22d3667f7'/>
<id>urn:sha1:221f00418e726237dbe38ba627ce08b22d3667f7</id>
<content type='text'>
crypto_sig_maxsize() is a bit of a misnomer as it doesn't return the
maximum signature size, but rather the key size.

Rename it as well as all implementations of the -&gt;max_size callback.
A subsequent commit introduces a crypto_sig_maxsize() function which
returns the actual maximum signature size.

While at it, change the return type of crypto_sig_keysize() from int to
unsigned int for consistency with crypto_akcipher_maxsize().  None of
the callers checks for a negative return value and an error condition
can always be indicated by returning zero.

Signed-off-by: Lukas Wunner &lt;lukas@wunner.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: akcipher - Drop sign/verify operations</title>
<updated>2024-10-05T05:22:04Z</updated>
<author>
<name>Lukas Wunner</name>
<email>lukas@wunner.de</email>
</author>
<published>2024-09-10T14:30:21Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/linux-rng/commit/?id=6b34562f0cfe81f1f207fc7c146c4ff4b31eb625'/>
<id>urn:sha1:6b34562f0cfe81f1f207fc7c146c4ff4b31eb625</id>
<content type='text'>
A sig_alg backend has just been introduced and all asymmetric
sign/verify algorithms have been migrated to it.

The sign/verify operations can thus be dropped from akcipher_alg.
It is now purely for asymmetric encrypt/decrypt.

Move struct crypto_akcipher_sync_data from internal.h to akcipher.c and
unexport crypto_akcipher_sync_{prep,post}():  They're no longer used by
sig.c but only locally in akcipher.c.

In crypto_akcipher_sync_{prep,post}(), drop various NULL pointer checks
for data-&gt;dst as they were only necessary for the verify operation.

In the crypto_sig_*() API calls, remove the forks that were necessary
while algorithms were converted from crypto_akcipher to crypto_sig
one by one.

In struct akcipher_testvec, remove the "params", "param_len" and "algo"
elements as they were only needed for the ecrdsa verify operation.
Remove corresponding dead code from test_akcipher_one() as well.

Signed-off-by: Lukas Wunner &lt;lukas@wunner.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
